Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
STUDY
Flashcards
Learn
Write
Spell
Test
PLAY
Match
Gravity
· SSM Automation
· Built-in targets
· Consist of a single ZIP file or WAR file (you can include multiple WAR files inside
your ZIP file)
2) Configure - This event occurs on all of the stack's instances when one of the
following occurs:
c) You attach an Elastic Load Balancing load balancer to a layer, or detach one from
a layer.
3) Deploy - This event occurs when you run a Deploy command, typically to deploy
an application to a set of application server instances.
4) Undeploy - This event occurs when you delete an app or run an Undeploy
command to remove an app from a set of application server instances.
5) Shutdown - This event occurs after you direct AWS OpsWorks Stacks to shut an
instance down but before the associated Amazon EC2 instance is actually
terminated
By default in Opswork , how many application versions can you rollback up to?
4
You have defined a Linux based instance stack in Opswork. You now want to attach
a database to the Opswork stack. Which of the below is an important step to ensure
that the application on the Linux instances can communicate with the database
Add the appropriate driver packages to ensure the application can work with the
database
You have an Opswork stack defined with Linux instances. You have executed a
recipe , but the execution has failed. What is one of the ways that you can use to
diagnose what was the reason why the recipe did not execute correctly.
Log into the instance and check if the recipe was properly configured
Long-term storage for backups with data readily available
S3 - IA
A company is building a two-tier web application to serve dynamic transaction-based
content. The data tier is leveraging an Online Transactional Processing (OLTP)
database. What services should you leverage to enable an elastic and scalable web
tier?
Elastic Load Balancing, Amazon EC2, and Auto Scaling
You have an ELB on AWS which has a set of web servers behind them. There is a
requirement that the SSL key used to encrypt data is always kept secure. Secondly
the logs of ELB should only be decrypted by a subset of users. Which of these
architectures meets all of the requirements?
Use Elastic Load Balancing to distribute traffic to a set of web servers, configure the
load balancer to
perform TCP load balancing, use an AWS CloudHSM to perform the SSL
transactions, and write your
web server logs to a private Amazon S3 bucket using Amazon S3 server-side
encryption.
You recently encountered a major bug in your web application during a deployment
cycle. During this failed deployment, it took the team four hours to roll back to a
previously working state, which left customers with a poor user experience. During
the post-mortem, you team discussed the need to provide a quicker, more robust
way to roll back failed deployments. You currently run your web application on
Amazon EC2 and use Elastic Load Balancing for your load balancing needs.
Which technique should you use to solve this problem?
...
You are designing an application that contains protected health information. Security
and compliance requirements for your application mandate that all protected health
information in the application use encryption at rest and in transit. The application
uses a three-tier architecture where data flows through the load balancer and is
stored on Amazon EBS volumes for processing and the results are stored in Amazon
S3 using the AWS SDK.
Which of the following two options satisfy the security requirements? (Select two)
Use TCP load balancing on the load balancer. SSL termination on the Amazon EC2
instances. OS-level disk encryption on the Amazon EBS volumes and Amazon S3
with server-side encryption.
Use SSL termination on the load balancer an SSL listener on the Amazon EC2
instances, Amazon EBS encryption on EBS volumes containing PHI and Amazon S3
with server-side encryption.
You have an AWS OpsWorks Stack running Chef Version 11.10. Your company
hosts its own proprietary cookbook on Amazon S3, and this is specified as a custom
cookbook in the stack. You want to use an open-source cookbook located in an
external Git repository. What tasks should you perform to enable the use of both
custom cookbooks?
In the AWS OpsWorks stack settings, enable Berkshelf. Create a new cookbook with
a Berksfile that specifies the other two cookbooks. Configure the stack to use this
new cookbook.
Write a Dockerfile that installs the Go base image and fetches your application using
Git, Create a new AWS Elastic Beanstalk application and use this Dockerfile to
automate the deployment
The development team has developed a new feature that uses an AWS service and
wants to test it from inside a staging VPC. How should you test this feature with the
fastest turnaround time?
Launch an Amazon Elastic Compute Cloud (EC2) instance in the staging VPC in
response to a development request, and use configuration management to set up
the application. Run any testing harnesses to verify application functionality and then
use Amazon Simple Notification Service (SNS) to notify the development team of the
results
You have a web application that is currently running on a three M3 instances in three
AZs. You have an Auto Scaling group configured to scale from three to thirty
instances. When reviewing your CloudWatch metrics, you see that sometimes your
Auto Scaling group is hosting fifteen instances. The web application is reading and
writing to a DynamoDB-configured backend and configured with 800 Write Capacity
Units and 800 Read Capacity Units. Your DynamoDB Primary Key is the Company
ID. You are hosting 25 TB of data in your web application. You have a single
customer that is complaining of long load times when their staff arrives at the office
at 9:00 AM and loads the website, which consists of content that is pulled from
DynamoDB. You have other customers who routinely use the web application.
Choose the answer that will ensure high availability and reduce the customer's
access times.
Use data pipelines to migrate your DynamoDB table to a new DynamoDB table with
a primary key that is evenly distributed across your dataset. Update your web
application to request data from the new table
You have an I/O and network-intensive application running on multiple Amazon EC2
instances that cannot handle a large ongoing increase in traffic. The Amazon EC2
instances are using two Amazon EBS PIOPS volumes each, and each instance is
identical.
Which of the following approaches should be taken in order to reduce load on the
instances with the least disruption to the application?
Create an AMI from an instance, and set up an Auto Scaling group with an instance
type that has enhanced networking enabled and is Amazon EBS-optimized.
Your public website uses a load balancer and an Auto Scaling group in a virtual
private cloud. Your chief security officer has asked you to set up a monitoring system
that quickly detects and alerts your team when a large sudden traffic increase
occurs. How should you set this up?
Set up an Amazon CloudWatch alarm for the Amazon EC2 NetworkIn metric for the
Auto Scaling group and then use Amazon SNS to alert your team.
As part of your deployment process, you are configuring your continuous integration
(CI) system to build AMIs. You want to build them in an automated manner that is
also cost-efficient. Which method should you use?
...
You have decided that you need to change the instance type of your production
instances which are running as part of an AutoScaling group. The entire architecture
is deployed using CloudFormation Template. You currently have 4 instances in
Production. You cannot have any interruption in service and need to ensure 2
instances are always running during the update?
AutoScalingRollingUpdate
You currently have the following setup in AWS
You want to deploy the updates of your app to only a certain number of users. You
want to have a cost-effective solution. You should also be able to revert back quickly.
Which of the below solutions is the most feasible one?
Create a second ELB, and a new Auto Scaling Group assigned a new Launch
Configuration. Create a new AMI with the updated app. Use Route53 Weighted
Round Robin records to adjust the proportion of traffic hitting the two ELBs.
Your application is currently running on Amazon EC2 instances behind a load
balancer. Your management has decided to use a Blue/Green deployment strategy.
How should you implement this for each deployment?
Create a new load balancer with new Amazon EC2 instances, carry out the
deployment, and then switch DNS over to the new load balancer using Amazon
Route 53 after testing.
You have an application running a specific process that is critical to the application's
functionality, and have added the health check process to your Auto Scaling Group.
The instances are showing healthy but the application itself is not working as it
should. What could be the issue with the health check , since it is still showing the
instances as healthy.
...
You have just recently deployed an application on EC2 instances behind an ELB.
After a couple of weeks, customers are complaining on receiving errors from the
application. You want to diagnose the errors and are trying to get errors from the
ELB access logs. But the ELB access logs are empty. What is the reason for this.
...
You have deployed an application to AWS which makes use of Autoscaling to launch
new instances. You now want to change the instance type for the new instances.
Which of the following is one of the action items to achieve this deployment?
Create a new launch configuration with the new instance type
Your application stores sensitive information on an EBS volume attached to your
EC2 instance. How can you protect your information? Choose two answers from the
options given below
Copy the unencrypted snapshot and check the box to encrypt the new snapshot.
Volumes restored from this encrypted snapshot will also be encrypted.
Create and mount a new, encrypted Amazon EBS volume. Move the data to the new
volume. Delete the old Amazon EBS volume
Which Auto Scaling process would be helpful when testing new instances before
sending traffic to them, while still keeping them in your Auto Scaling Group?
Suspend the process AddToLoadBalancer
Your company has multiple applications running on AWS. Your company wants to
develop a tool that notifies on-call teams immediately via email when an alarm is
triggered in your environment. You have multiple on-call teams that work different
shifts, and the tool should handle notifying the correct teams at the correct times.
How should you implement this solution?
...
You are responsible for your company's large multi-tiered Windows-based web
application running on Amazon EC2 instances situated behind a load balancer.
While reviewing metrics, you've started noticing an upwards trend for slow customer
page load time. Your manager has asked you to come up with a solution to ensure
that customer load time is not affected by too many requests per second. Which
technique would you use to solve this issue?
...
During metric analysis, your team has determined that the company's website during
peak hours is experiencing response times higher than anticipated. You currently
rely on Auto Scaling to make sure that you are scaling your environment during peak
windows. How can you improve your Auto Scaling policy to reduce this high
response time? Choose 2 answers.
Increase your Auto Scaling group's number of max servers.
Push custom metrics to CloudWatch for your application that include more detailed
information about your web application, such as how many requests it is handling
and how many are waiting to be processed.
Management has reported an increase in the monthly bill from Amazon Web
Services, and they are extremely concerned with this increased cost. Management
has asked you to determine the exact cause of this increase. After reviewing the
billing report, you notice an increase in the data transfer cost. How can you provide
management with a better insight into data transfer use?
Deliver custom metrics to Amazon CloudWatch per application that breaks down
application data transfer into multiple, more specific data points.
You have an application consisting of a stateless web server tier running on Amazon
EC2 instances behind load balancer, and are using Amazon RDS with read replicas.
Which of the following methods should you use to implement a self-healing and cost-
effective architecture? Choose 2 answers from the options given below
Set up an Auto Scaling group for the web server tier along with an Auto Scaling
policy that uses the Amazon EC2 CPU utilization CloudWatch metric to scale the
instances.
On the web servers, create a scheduled task that executes a script to rotate and
transmit the logs to an Amazon S3 bucket. Ensure that the operating system
shutdown procedure triggers a logs transmission when the Amazon EC2 instance is
stopped/terminated.
Use AWS Data Pipeline to move log data from the Amazon S3 bucket to Amazon
Redshift In order to process and run reports every hour.
You have a web application that's developed in Node.js The code is hosted in Git
repository. You want to now deploy this application to AWS. Which of the below 2
options can fulfil this requirement.
Create a Docker file to install Node.js. and gets the code from Git. Use the Dockerfile
to perform the deployment on a new AWS Elastic Beanstalk application.
- The customer insight team requires immediate access to the logs from the past
seven
days.
- The fraud investigation team requires access to all historic logs, but will wait up to
24 hours before these logs are available.
How would you meet these requirements in a cost-effective manner? Choose three
answers from the options below
Create an Amazon S3 lifecycle configuration to move log files from Amazon S3 to
Amazon Glacier after seven days
Configure your application to write logs to a separate Amazon EBS volume with the
"delete on termination" field set to false.
Create a script that moves the logs from the instance to Amazon S3 once an hour.
Attach an additional Auto Scaling configuration behind the ELB and phase in newer
instances while removing older instances
Your company has developed a web application and is hosting it in an Amazon S3
bucket configured for static website hosting. The application is using the AWS SDK
for JavaScript in the browser to access data stored in an Amazon DynamoDB table.
How can you ensure that API keys for access to your data in DynamoDB are kept
secure?
Configure a web identity federation role within IAM to enable access to the correct
DynamoDB resources and retrieve temporary credentials.
You are using a configuration management system to manage your Amazon EC2
instances. On your Amazon EC2 Instances, you want to store credentials for
connecting to an Amazon RDS MYSQL DB instance. How should you securely store
these credentials?
Assign an IAM role to your Amazon EC2 instance, and use this IAM role to access
the Amazon RDS DB from your Amazon EC2 instances.
You have been asked to de-risk deployments at your company. Specifically, the
CEO is concerned about outages that occur because of accidental inconsistencies
between Staging and Production, which sometimes cause unexpected behaviors in
Production even when Staging tests pass. You already use Docker to get high
consistency between Staging and Production for the application environment on your
EC2 instances. How do you further de-risk the rest of the execution environment,
since in AWS, there are many service components you may use beyond EC2 virtual
machines?
Develop models of your entire cloud system in CloudFormation. Use this model in
Staging and Production to achieve greater parity.
You need to create a Route53 record automatically in CloudFormation when not
running in production during all launches of a Template. How should you implement
this?
Use a Parameter for environment, and add a Condition on the Route53 Resource in
the template to create the record only when environment is not production.
You have a development team that is continuously spending a lot of time rolling back
updates for an application. They work on changes , and if the change fails , they
spend more than 5-6h in rolling back the update. Which of the below options can
help reduce the time for rolling back application versions.
Use Elastic Beanstalk and re-deploy using Application Versions
When thinking of AWS Elastic Beanstalk's model, which is true?
Applications have many environments, environments have many deployments.
You are hired as the new head of operations for a SaaS company. Your CTO has
asked you to make debugging any part of your entire operation simpler and as fast
as possible. She complains that she has no idea what is going on in the complex,
service-oriented architecture, because the developers just log to disk, and it's very
hard to find errors in logs on so many services. How can you best meet this
requirement and satisfy your CTO?
...
For AWS Auto Scaling, what is the first transition state an instance enters after
leaving steady state when scaling in due to health check failure or decreased load?
Terminating
You have an application running on an Amazon EC2 instance and you are using IAM
roles to securely access AWS Service APIs. How can you configure your application
running on that instance to retrieve the API keys for use with the AWS SDKs?
When using AWS SDKs and Amazon EC2 roles, you do not have to explicitly
retrieve API keys, because the SDK handles retrieving them from the Amazon EC2
MetaData service.
Which of these is not an instrinsic function in AWS CloudFormation?
Fn::Parse
...
DynamoDB table with roughly equal read and write throughput, with ElastiCache
caching.